<?php
session_start();
require("cartFunctions.php");
require_once("../includes/dbInfo.php");

$user = $_SESSION['ls_userid'];
$transactionID = $_GET[''];    
$success = $_GET['auth'];

// on success of payment,create an order, remove the cart, then navigate to order history
if( $success ) {
// create the order
$sql = mysql_query("INSERT INTO orders
       (orderID, status, customerID, orderTime) 
    VALUES (NULL, 'PAID', '$user', NULL) ")
    or die(mysql_error());

// get the ID of newly created order
$orderID =  mysql_insert_id();

// for each item in the cart add to items Ordered
$sql = "SELECT * FROM cart WHERE userID = '$user'";
$result = mysql_query($sql) or die(mysql_error());
  
while($row = mysql_fetch_assoc($result)) { 
     $sql = mysql_query("INSERT INTO itemsOrdered
       (orderID, productID, quantity) 
    VALUES ('$orderID', '$row[productID]', '$row[quantity]')")
    or die(mysql_error());
}

removeCart($user); 
header('Location: orderHistory.php');

}

?>